OpenVPN keeps looking for /etc/openvpn/server-tap.conf


#1

Hi guys,

I run LEDE Reboot 17.01.4 on x86 and have OpenVPN configured and running with following components:

openssl-util 1.0.2o-1
openvpn-easy-rsa 2013-01-30-ff5bfd1d-2
openvpn-openssl 2.4.4-4

Everything works fine but my system log is being spammed with following message every 5 seconds:

Thu Jul 12 22:47:07 2018 daemon.err openvpn(server-tap)[25001]: Options error: In [CMD-LINE]:1: Error 
opening configuration file: /etc/openvpn/server-tap.conf
Thu Jul 12 22:47:07 2018 daemon.warn openvpn(server-tap)[25001]: Use --help for more information.

it is being repeated all the time and log is growing, which is irritating.

My OpenVPN configuration file is /etc/config/openvpn and everything is working fine, so I wonder how I can remove or suppress this error?

I even tried to create empty /etc/openvpn/server-tap.conf in order to make it stop, but it just complained about not finding options instead.

Thanks!


#2

Post your /etc/config/openvpn file here, please.


#3

it is very straight-forward config:

config openvpn 'myvpn'
	option enabled '1'
	option verb '3'
	option port '1194'
	option proto 'udp'
	option dev 'tun'
	option server '10.8.0.0 255.255.255.0'
	option keepalive '10 120'
	option ca '/etc/openvpn/ca.crt'
	option cert '/etc/openvpn/my-server.crt'
	option key '/etc/openvpn/my-server.key'
	option dh '/etc/openvpn/dh2048.pem'
	list push 'route 192.168.0.0 255.255.255.0'
	list push 'redirect-gateway def1'
	#option sndbuf '393216'
	#option rcvbuf '393216'
	#list push 'sndbuf 393216'
	#list push 'rcvbuf 393216'


To me, this seems more of a etc/init.d/openvpn issue?


#4

Anyone?

This is how my etc/init.d/openvpn looks like:

#!/bin/sh /etc/rc.common
# Copyright (C) 2008-2013 OpenWrt.org
# Copyright (C) 2008 Jo-Philipp Wich
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.

START=90
STOP=10

USE_PROCD=1
PROG=/usr/sbin/openvpn

LIST_SEP="
"

UCI_STARTED=
UCI_DISABLED=

append_param() {
	local s="$1"
	local v="$2"
	case "$v" in
		*_*_*_*) v=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_} ;;
		*_*_*)   v=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_} ;;
		*_*)     v=${v%%_*}-${v#*_} ;;
	esac
	echo -n "$v" >> "/var/etc/openvpn-$s.conf"
	return 0
}

append_bools() {
	local p; local v; local s="$1"; shift
	for p in $*; do
		config_get_bool v "$s" "$p"
		[ "$v" = 1 ] && append_param "$s" "$p" && echo >> "/var/etc/openvpn-$s.conf"
	done
}

append_params() {
	local p; local v; local s="$1"; shift
	for p in $*; do
		config_get v "$s" "$p"
		IFS="$LIST_SEP"
		for v in $v; do
			[ -n "$v" ] && [ "$p" != "push" ] && append_param "$s" "$p" && echo " $v" >> "/var/etc/openvpn-$s.conf"
			[ -n "$v" ] && [ "$p" == "push" ] && append_param "$s" "$p" && echo " \"$v\"" >> "/var/etc/openvpn-$s.conf"
		done
		unset IFS
	done
}

section_enabled() {
	config_get_bool enable  "$1" 'enable'  0
	config_get_bool enabled "$1" 'enabled' 0
	[ $enable -gt 0 ] || [ $enabled -gt 0 ]
}

openvpn_add_instance() {
	local name="$1"
	local dir="$2"
	local conf="$3"

	procd_open_instance "$name"
	procd_set_param command "$PROG"	\
		--syslog "openvpn($name)" \
		--status "/var/run/openvpn.$name.status" \
		--cd "$dir" \
		--config "$conf"
	procd_set_param file "$dir/$conf"
	procd_set_param respawn
	procd_append_param respawn 3600
	procd_append_param respawn 5
	procd_append_param respawn -1
	procd_close_instance
}

start_instance() {
	local s="$1"

	config_get config "$s" config
	config="${config:+$(readlink -f "$config")}"

	section_enabled "$s" || {
		append UCI_DISABLED "$config" "$LIST_SEP"
		return 1
	}

	[ ! -d "/var/run" ] && mkdir -p "/var/run"

	if [ ! -z "$config" ]; then
		append UCI_STARTED "$config" "$LIST_SEP"
		openvpn_add_instance "$s" "${config%/*}" "$config"
		return
	fi

	[ ! -d "/var/etc" ] && mkdir -p "/var/etc"
	[ -f "/var/etc/openvpn-$s.conf" ] && rm "/var/etc/openvpn-$s.conf"

	append_bools "$s" $OPENVPN_BOOLS
	append_params "$s" $OPENVPN_PARAMS

	openvpn_add_instance "$s" "/var/etc" "openvpn-$s.conf"
}

start_service() {
	local instance="$1"
	local instance_found=0

	config_cb() {
		local type="$1"
		local name="$2"
		if [ "$type" = "openvpn" ]; then
			if [ -n "$instance" -a "$instance" = "$name" ]; then
				instance_found=1
			fi
		fi
	}

	. /usr/share/openvpn/openvpn.options
	config_load 'openvpn'

	if [ -n "$instance" ]; then
		[ "$instance_found" -gt 0 ] || return
		start_instance "$instance"
	else
		config_foreach start_instance 'openvpn'

		local path name
		for path in /etc/openvpn/*.conf; do
			if [ -f "$path" ]; then
				name="${path##*/}"; name="${name%.conf}"

				# don't start configs again that are already started by uci
				if echo "$UCI_STARTED" | grep -qxF "$path"; then
					continue

				# don't start configs which are set to disabled in uci
				elif echo "$UCI_DISABLED" | grep -qxF "$path"; then
					logger -t openvpn "$name.conf is disabled in /etc/config/openvpn"
					continue
				fi

				openvpn_add_instance "$name" "${path%/*}" "$path"
			fi
		done
	fi
}

service_triggers() {
	procd_add_reload_trigger openvpn
}

It is basically a stock OpenVPN package i downloaded via opkg. I assume it is some weird configuration bug where it keeps asking for /etc/openvpn/server-tap.conf despite having fully valid configuration in /etc/config/openvpn. Can I put some bogus options in /etc/openvpn/server-tap.conf to make it shut up?

Or move openvpn server config from /etc/config/openvpn to /etc/openvpn/server-tap.conf instead?

Thanks!


#5

I've experienced this problem on 18.06.2 - OpenVPN kept respawning with old configure despite various service commands -- attempts to disable the service -- and stripping out all the openvpn related config from uci.

It seems that the spawning process kept running and was impervious to maintenance commands issued via the cli or the web UI -- the only option was to reboot once the config was stripped back.


#6

Hi,
I updated to 18.06.1 (which prompted me to reinstall OpenVPN) and this behaviour stopped.


#7

Note that this was only on initial install. A reboot fixed it (and I'm on 18.06.2).